Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Fix result of Farbar Recovery Scan Tool (x64) Version:04-03-2016
- Ran by Petr (2016-03-05 20:29:48) Run:1
- Running from C:\Users\Petr\Desktop
- Loaded Profiles: Petr (Available Profiles: Petr)
- Boot Mode: Normal
- ==============================================
- fixlist content:
- *****************
- Start
- CreateRestorePoint:
- CloseProcesses:
- Task: {1F96EC9C-6291-4C2C-9B2A-6AF2B3AD6000} - System32\Tasks\WINshell Event Notification => C:\Users\KONTRA~1\AppData\Local\Temp\SBCint2.exe <==== ATTENTION
- Task: {C7701396-3622-4FA8-91F0-05421ADFB614} - \Update\cryptex -> No File <==== ATTENTION
- Task: {E954E6AE-695F-4BC8-BA0D-901CAC10C3D8} - System32\Tasks\WINshell Event Logging => C:\Users\KONTRA~1\AppData\Local\Temp\Dscp1.exe <==== ATTENTION
- HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-06] (Apple Inc.)
- HKLM\...\Policies\Explorer: [HideSCAHealth] 1
- HKU\S-1-5-21-3631145020-3224763176-4093947856-1001\...\MountPoints2: {fbdf364a-e361-11e4-9eee-806e6f6e6963} - D:\Autorun.exe
- HKU\S-1-5-18\...\Policies\Explorer: [HideSCAHealth] 1
- S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
- Folder: C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
- EmptyTemp:
- REG: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
- REG: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
- RemoveProxy:
- CMD: bitsadmin /reset /allusers
- CMD: netsh advfirewall reset
- CMD: netsh advfirewall set allprofiles state ON
- CMD: ipconfig /flushdns
- CMD: netsh winsock reset catalog
- CMD: netsh int ip reset c:\resetlog.txt
- CMD: ipconfig /release
- CMD: ipconfig /renew
- CMD: netsh int ipv4 reset
- CMD: netsh int ipv6 reset
- CMD: msiexec /unreg
- CMD: msiexec /regserver
- CMD: winmgmt /verifyrepository
- REG: reg delete HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg /f
- REG: reg add HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg /f
- End
- *****************
- Error: (0) Failed to create a restore point.
- Processes closed successfully.
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1F96EC9C-6291-4C2C-9B2A-6AF2B3AD6000}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F96EC9C-6291-4C2C-9B2A-6AF2B3AD6000}" => key removed successfully
- C:\Windows\System32\Tasks\WINshell Event Notification => moved successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WINshell Event Notification" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C7701396-3622-4FA8-91F0-05421ADFB614}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7701396-3622-4FA8-91F0-05421ADFB614}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update\cryptex" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E954E6AE-695F-4BC8-BA0D-901CAC10C3D8}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E954E6AE-695F-4BC8-BA0D-901CAC10C3D8}" => key removed successfully
- C:\Windows\System32\Tasks\WINshell Event Logging => moved successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WINshell Event Logging" => key removed successfully
- HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => value removed successfully
- HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value removed successfully
- "HKU\S-1-5-21-3631145020-3224763176-4093947856-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fbdf364a-e361-11e4-9eee-806e6f6e6963}" => key removed successfully
- HKCR\CLSID\{fbdf364a-e361-11e4-9eee-806e6f6e6963} => key not found.
- HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value removed successfully
- xhunter1 => service removed successfully
- ========================= Folder: C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 ========================
- 2012-10-08 16:19 - 2012-10-08 16:19 - 1977816 _____ (GEAR Software, Inc.) C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7\GEARDIFx.exe
- 2016-03-03 21:41 - 2016-03-03 21:41 - 0000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7\x64
- 2012-10-03 16:14 - 2012-10-03 16:14 - 0519048 _____ (Microsoft Corporation) C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7\x64\DIFxAPI.dll
- 2012-10-08 16:19 - 2012-10-08 16:19 - 0131544 _____ (GEAR Software, Inc.) C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7\x64\DifXInst64.exe
- 2016-03-03 21:41 - 2016-03-03 21:41 - 0004842 _____ () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7\x64\DIFxInstallLog.txt
- 2012-10-03 16:14 - 2012-10-03 16:14 - 0106928 _____ (GEAR Software Inc.) C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7\x64\GEARAspi.dll
- 2012-10-03 16:14 - 2012-10-03 16:14 - 0125872 _____ (GEAR Software Inc.) C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7\x64\GEARAspi64.dll
- 2012-10-03 16:14 - 2012-10-03 16:14 - 0002561 _____ () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7\x64\GEARAspiWDM.inf
- 2012-10-03 16:14 - 2012-10-03 16:14 - 0007638 _____ () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7\x64\gearaspiwdmx64.cat
- 2016-03-03 21:41 - 2016-03-03 21:41 - 0000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7\x64\x64
- 2012-10-03 16:14 - 2012-10-03 16:14 - 0033240 _____ (GEAR Software Inc.) C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7\x64\x64\GEARAspiWDM.sys
- ====== End of Folder: ======
- ========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
- Operace byla dokonźena ŁspŘçnŘ.
- ========= End of Reg: =========
- ========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
- Operace byla dokonźena ŁspŘçnŘ.
- ========= End of Reg: =========
- ========= RemoveProxy: =========
- HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
- HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
- HKU\S-1-5-21-3631145020-3224763176-4093947856-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
- HKU\S-1-5-21-3631145020-3224763176-4093947856-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
- ========= End of RemoveProxy: =========
- ========= bitsadmin /reset /allusers =========
- BITSADMIN version 3.0 [ 7.5.7601 ]
- BITS administration utility.
- (C) Copyright 2000-2006 Microsoft Corp.
- BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
- Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
- {D0B0AD65-DBEF-4DDF-B869-4BC5F0B97E0A} canceled.
- {72B08334-34DB-46AF-B0EE-8027F107FD37} canceled.
- {95E4B6E9-BA42-4ABE-BC4E-0DE9BE75E18D} canceled.
- 3 out of 3 jobs canceled.
- ========= End of CMD: =========
- ========= netsh advfirewall reset =========
- OK.
- ========= End of CMD: =========
- ========= netsh advfirewall set allprofiles state ON =========
- OK.
- ========= End of CMD: =========
- ========= ipconfig /flushdns =========
- Konfigurace protokolu IP syst�mu Windows
- Mezipam p�ekl�d�n� DNS byla �sp��n� vypr�zdn�na.
- ========= End of CMD: =========
- ========= netsh winsock reset catalog =========
- Katalog Winsock byl �sp��n� resetov�n.
- K dokon�en� resetov�n� je nutn� restartovat po��ta�.
- ========= End of CMD: =========
- ========= netsh int ip reset c:\resetlog.txt =========
- �sp��n� resetov�n� Glob�ln�.
- �sp��n� resetov�n� Rozhran�.
- �sp��n� resetov�n� Trasa.
- K dokon�en� t�to akce restartujte po��ta�.
- ========= End of CMD: =========
- ========= ipconfig /release =========
- Konfigurace protokolu IP syst�mu Windows
- Na za��zen� P�ipojen� k m�stn� s�ti nelze prov�st ��dnou operaci, dokud je m�dium tohoto
- za��zen� odpojeno.
- Adapt�r bezdr�tov� s�t� LAN Bezdr�tov� p�ipojen� k s�ti:
- P��pona DNS podle p�ipojen� . . . :
- M�stn� IPv6 adresa v r�mci propojen� . . . : fe80::8c2:1db3:d974:8ac9%17
- V�choz� br�na . . . . . . . . . . :
- Adapt�r s�t� Ethernet P�ipojen� k m�stn� s�ti:
- Stav m�dia . . . . . . . . . . . : odpojeno
- P��pona DNS podle p�ipojen� . . . :
- Adapt�r s�t� Ethernet Hamachi:
- P��pona DNS podle p�ipojen� . . . :
- IPv6 adresa. . . . . . . . . . . : 2620:9b::1975:7c7d
- M�stn� IPv6 adresa v r�mci propojen� . . . : fe80::47e:2a5c:2128:b575%13
- V�choz� br�na . . . . . . . . . . : 2620:9b::1900:1
- 25.0.0.1
- Adapt�r pro tunelov� p�ipojen� isatap.{5557C01E-2738-43D3-AABF-52B95E72C202}:
- Stav m�dia . . . . . . . . . . . : odpojeno
- P��pona DNS podle p�ipojen� . . . :
- Adapt�r pro tunelov� p�ipojen� Teredo Tunneling Pseudo-Interface:
- Stav m�dia . . . . . . . . . . . : odpojeno
- P��pona DNS podle p�ipojen� . . . :
- Adapt�r pro tunelov� p�ipojen� isatap.{E2E70730-0B10-443D-B14E-6D86DB7C0894}:
- Stav m�dia . . . . . . . . . . . : odpojeno
- P��pona DNS podle p�ipojen� . . . :
- ========= End of CMD: =========
- ========= ipconfig /renew =========
- Konfigurace protokolu IP syst�mu Windows
- Na za��zen� P�ipojen� k m�stn� s�ti nelze prov�st ��dnou operaci, dokud je m�dium tohoto
- za��zen� odpojeno.
- Adapt�r bezdr�tov� s�t� LAN Bezdr�tov� p�ipojen� k s�ti:
- P��pona DNS podle p�ipojen� . . . :
- M�stn� IPv6 adresa v r�mci propojen� . . . : fe80::8c2:1db3:d974:8ac9%17
- Adresa IPv4 . . . . . . . . . . . : 10.0.0.3
- Maska pods�t� . . . . . . . . . . : 255.255.255.0
- V�choz� br�na . . . . . . . . . . : 10.0.0.138
- Adapt�r s�t� Ethernet P�ipojen� k m�stn� s�ti:
- Stav m�dia . . . . . . . . . . . : odpojeno
- P��pona DNS podle p�ipojen� . . . :
- Adapt�r s�t� Ethernet Hamachi:
- P��pona DNS podle p�ipojen� . . . :
- IPv6 adresa. . . . . . . . . . . : 2620:9b::1975:7c7d
- M�stn� IPv6 adresa v r�mci propojen� . . . : fe80::47e:2a5c:2128:b575%13
- Adresa IPv4 . . . . . . . . . . . : 25.117.124.125
- Maska pods�t� . . . . . . . . . . : 255.0.0.0
- V�choz� br�na . . . . . . . . . . : 2620:9b::1900:1
- 25.0.0.1
- Adapt�r pro tunelov� p�ipojen� isatap.{5557C01E-2738-43D3-AABF-52B95E72C202}:
- Stav m�dia . . . . . . . . . . . : odpojeno
- P��pona DNS podle p�ipojen� . . . :
- Adapt�r pro tunelov� p�ipojen� Teredo Tunneling Pseudo-Interface:
- Stav m�dia . . . . . . . . . . . : odpojeno
- P��pona DNS podle p�ipojen� . . . :
- ========= End of CMD: =========
- ========= netsh int ipv4 reset =========
- �sp��n� resetov�n� Rozhran�.
- K dokon�en� t�to akce restartujte po��ta�.
- ========= End of CMD: =========
- ========= netsh int ipv6 reset =========
- �sp��n� resetov�n� Rozhran�.
- �sp��n� resetov�n� Adresa jednosm�rov�ho vys�l�n�.
- �sp��n� resetov�n� Trasa.
- K dokon�en� t�to akce restartujte po��ta�.
- ========= End of CMD: =========
- ========= msiexec /unreg =========
- ========= End of CMD: =========
- ========= msiexec /regserver =========
- ========= End of CMD: =========
- ========= winmgmt /verifyrepository =========
- �lo�i�t� slu�by WMI je konzistentn�.
- ========= End of CMD: =========
- ========= reg delete HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg /f =========
- CHYBA: Neplatn syntaxe.
- Chcete-li zobrazit n povŘdu, zadejte pýˇkaz REG DELETE /?.
- ========= End of Reg: =========
- ========= reg add HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg /f =========
- CHYBA: Neplatn syntaxe.
- Chcete-li zobrazit n povŘdu, zadejte pýˇkaz REG ADD /?.
- ========= End of Reg: =========
- EmptyTemp: => 1.2 GB temporary data Removed.
- The system needed a reboot.
- ==== End of Fixlog 20:30:24 ====
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
